--------------------------------------------------------------------- Fedora Update Notification FEDORA-2006-172 2006-03-20 --------------------------------------------------------------------- Product : Fedora Core 5 Name : xorg-x11-server Version : 1.0.1 Release : 9 Summary : X.Org X11 X server Description : X.Org X11 X server --------------------------------------------------------------------- Update Information: Coverity scanned the X.Org source code for problems and reported their findings to the X.Org development team. Upon analysis, Alan Coopersmith, a member of the X.Org development team, noticed a couple of serious security issues in the findings. In particular, the Xorg server can be exploited for root privilege escalation by passing a path to malicious modules using the -modulepath command line argument. Also, the Xorg server can be exploited to overwrite any root writable file on the filesystem with the -logfile command line argument. --------------------------------------------------------------------- * Wed Mar 15 2006 Ray Strode <rstrode@xxxxxxxxxx> - 1.0.1-9 - CVE-2006-0745 (bug 185084) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/ 62c76f10a229a7acb1124f2fcd2bf09bc3d5f9c2 SRPMS/xorg-x11-server-1.0.1-9.src.rpm b5aaa17856b44f1c9478fb57940053f8853fbdc7 ppc/xorg-x11-server-Xorg-1.0.1-9.ppc.rpm d522b711623540752dab0285f3e6e9af5957e93e ppc/xorg-x11-server-Xnest-1.0.1-9.ppc.rpm 30d539d1981ee371c3c23d37040f645e18cab3cb ppc/xorg-x11-server-Xdmx-1.0.1-9.ppc.rpm 105129cb3df40edefa427a3079b01723796b78e3 ppc/xorg-x11-server-Xvfb-1.0.1-9.ppc.rpm 47cac9878371cda596282f1312097391b63e6f5c ppc/xorg-x11-server-sdk-1.0.1-9.ppc.rpm c9b2e112fbb160304fe88687d786f7a296c12e67 ppc/debug/xorg-x11-server-debuginfo-1.0.1-9.ppc.rpm c1354391868e4d65dec1fde4df901c663977529e x86_64/xorg-x11-server-Xorg-1.0.1-9.x86_64.rpm 4e75a20403dd8aa89b1c40334694b7d7dccfc0db x86_64/xorg-x11-server-Xnest-1.0.1-9.x86_64.rpm 86f7afcdacf79cccdf12f8c013bef03d84a2420b x86_64/xorg-x11-server-Xdmx-1.0.1-9.x86_64.rpm cf4fb466fe5c3cca5a1360c6f70a7e0b04fa0080 x86_64/xorg-x11-server-Xvfb-1.0.1-9.x86_64.rpm 3448d6e446fdf245b805e731ade54c6801daaa53 x86_64/xorg-x11-server-sdk-1.0.1-9.x86_64.rpm 5a6e70aef827c124c7ef660c544f78def11a498e x86_64/debug/xorg-x11-server-debuginfo-1.0.1-9.x86_64.rpm dc08e7f253ba49a6bc0ca5b29d988a78b928dba2 i386/xorg-x11-server-Xorg-1.0.1-9.i386.rpm 2235e42c5ffe9255f4cc18f68e19b0652e2a52ec i386/xorg-x11-server-Xnest-1.0.1-9.i386.rpm 0babd4a06f0ac57eb8ea2730022b9cb5e49abe5d i386/xorg-x11-server-Xdmx-1.0.1-9.i386.rpm 4ac6d2ef90052d965f0d23abb27ea5d7128c51c9 i386/xorg-x11-server-Xvfb-1.0.1-9.i386.rpm afbdac912fa0cc580f18c4ff3eccff444f89595f i386/xorg-x11-server-sdk-1.0.1-9.i386.rpm b36a9dd6eed098a3c8f55d5415ee07d1a893b5ba i386/debug/xorg-x11-server-debuginfo-1.0.1-9.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. --------------------------------------------------------------------- -- fedora-announce-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-announce-list
